Endpoints for viewing, creating and manipulating the LDAP servers that the authenticated user has permission to access.
Endpoint | Role |
---|---|
GET /api2/system/aaa/ldap | viewer |
GET /api2/system/aaa/ldap/{id} | viewer |
POST /api2/system/aaa/ldap | admin |
PUT /api2/system/aaa/ldap/{id} | admin |
PUT /api2/system/aaa/ldap | admin |
DELETE /api2/system/aaa/ldap/{id} | admin |
DELETE /api2/system/aaa/ldap | admin |
// Example LDAP server list: a JSON array holding one server object.
// The // comments are annotations for the reader. Strict JSON parsers reject comments,
// so presumably they must be removed before a body like this is sent to the API.
[
{
"id": 3,
"priority": 2,
"hostname": "172.17.0.2",
"port": 389, // LDAP is 389 by default, LDAPS is 636
// NOTE(review): the unit is not stated on this page; presumably seconds. Confirm.
"timeout": 3,
"base_dn": "ou=people,dc=example,dc=com",
"user_dn": "uid",
"version": 3,
// This example selects plain LDAP ("none" on port 389), so traffic to the directory,
// including the credentials being checked, is presumably unencrypted.
// Use LDAPS (port 636 with "lenient" or "strict") wherever the network path is not trusted.
// NOTE(review): the page does not define how "lenient" differs from "strict"; presumably
// certificate validation is relaxed. Confirm before choosing "lenient".
"tls_usage": "none", // "none" for LDAP, "lenient" or "strict" for LDAPS
// Values listed on this page: "none", "admin", "user", "viewer".
// NOTE(review): presumably the role given to a user for whom no priv_lvl_ref_table rule
// matches. Confirm. If so, "none" is the least-privilege choice, and "admin" would give
// admin rights to every directory user without a matching rule.
"fallback_role": "user",
// Rules that map a directory attribute to a role. Each rule names an attribute, the type
// to read it as, a comparison value (always written as a string) and an operator.
// NOTE(review): the page does not say which rule wins when several match. Confirm the
// evaluation order before adding a rule that grants "admin".
"priv_lvl_ref_table": [
{
// callbackNumber read as an integer; values <= 56 map to the admin role.
"attribute_name": "callbackNumber",
"attribute_data_type": "int",
"comparison_value": "56",
"comparison_operator": "<=",
"role": "admin"
},
{
// callbackNumber read as a string and regex-compared; a match maps to the viewer role.
// The pattern is anchored with ^ and $. NOTE(review): whether an unanchored pattern
// may match part of a value is not stated on this page. Keep patterns anchored.
"attribute_name": "callbackNumber",
"attribute_data_type": "str",
"comparison_value": "^qwerty56$",
"comparison_operator": "=~",
"role": "viewer"
}
]
}
]
fallback_role value | Description |
---|---|
"none" | no fallback role |
"admin" | fallback role is admin |
"user" | fallback role is user |
"viewer" | fallback role is viewer |
attribute_data_type value | Description |
---|---|
"str" | Attribute data is a string |
"int" | Attribute data is an integer |
comparison_operator value | Description |
---|---|
"<" | less than; used for integers only |
"<=" | less than or equal to; used for integers only |
">" | greater than; used for integers only |
">=" | greater than or equal to; used for integers only |
"==" | equal to |
"!=" | not equal to |
"=~" | regular-expression match; used for strings only |